Remote Attackers Can Gain Super-Admin Privileges via Crafted Requests to Node.js Websocket Module
Posted: Sun Oct 05, 2025 5:02 am
CVE-2024-55591 is a critical security vulnerability in Fortinet's FortiOS and FortiProxy software, affecting FortiOS versions 7.0.0 through 7.0.16 and FortiProxy versions 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12. It is classified as Authentication Bypass Using an Alternate Path or Channel (CWE-288): a remote attacker can bypass the standard authentication mechanisms and gain super-admin privileges by sending specially crafted requests to the Node.js websocket module integrated within these systems.
https://securityvulnerability.io/vulner ... 2024-55591
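To triage an asset inventory against the version ranges given above, the following sketch may help. It is an added example, not part of the original post or any Fortinet tooling; it reads the ranges as FortiOS 7.0.0 to 7.0.16 and FortiProxy 7.0.0 to 7.0.19 and 7.2.0 to 7.2.12, and the hostnames, version strings and function names are constructed for illustration.

```python
import re

# Affected ranges as stated in the post (inclusive), keyed by product.
AFFECTED = {
    "fortios": [((7, 0, 0), (7, 0, 16))],
    "fortiproxy": [((7, 0, 0), (7, 0, 19)), ((7, 2, 0), (7, 2, 12))],
}

# Accepts "7.0.14", "v7.0.14" and trailing text such as " build0123".
VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")

def parse_version(text):
    """Return (major, minor, patch) as ints, or None if not x.y.z."""
    m = VERSION_RE.match(text.strip())
    return tuple(int(p) for p in m.groups()) if m else None

def is_affected(product, version):
    """True/False for a parseable version, None when it cannot be judged."""
    ranges = AFFECTED.get(product.strip().lower())
    parsed = parse_version(version)
    if ranges is None or parsed is None:
        return None
    # Tuple comparison is numeric, so 7.0.9 sorts below 7.0.16.
    return any(lo <= parsed <= hi for lo, hi in ranges)

def triage(inventory):
    """Split (host, product, version) rows into three buckets.

    "clear" only means the version is outside the ranges listed in the post.
    """
    result = {"affected": [], "clear": [], "unknown": []}
    for host, product, version in inventory:
        verdict = is_affected(product, version)
        key = "unknown" if verdict is None else ("affected" if verdict else "clear")
        result[key].append(host)
    return result

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = [
    ("fw-edge-01", "FortiOS", "v7.0.14"),
    ("fw-edge-02", "FortiOS", "7.0.17"),
    ("proxy-01", "FortiProxy", "7.2.12"),
    ("proxy-02", "FortiProxy", "7.2.13"),
    ("proxy-03", "FortiProxy", "7.0.19 build0123"),
    ("fw-lab-01", "FortiOS", "unknown"),
]

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE).items():
        print(bucket, hosts)
```

Hosts in the "unknown" bucket need a manual version check rather than being treated as clear.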